PaulDotCom mailing list archives

Fwd: Gonzor / Themiddler / PEScrambler

From: gbugbear at gmail.com (Tim Mugherini)
Date: Thu, 18 Dec 2008 16:50:57 -0500

Or what if someone uses it for wrong doing is this site liable? While many
of us would disagree some other may see it as that. Look at the hell
Emmanuel went through in the MPAA versus 2600 trials (and that was for just
linking to the program)

I'm not saying do or don't but I agree the Legal implications should be
considered by all involved.

T



2008/12/18 Nathan Sweaney <NSweaney at tulsacash.com>

 I can see the wisdom in asking permission, but what if there's no
response, or there's no one left to ask?  It seems to me that the site would
be more useful with a policy of hosting unless asked not to.  Afterall the
whole thing started with a discussion of how to find utilities that no
longer seem to have a home.

i also wonder about legality issues.  if the site hosts the tools and
someone decides that it's illegal, what's the plan.  also, what if someone
insists that their tool not be hosted, but there's no where else to get it.
Or if they insist on only hosting the most recent version even if there are
legitimate reasons why security professionals may want to use older
versions.

seems like there are a lot of questions that could come up eventually.


 ------------------------------
 *From:* pauldotcom-bounces at mail.pauldotcom.com [mailto:
pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of *Arch Angel
*Sent:* Thursday, December 18, 2008 11:55 AM

*To:* PaulDotCom Security Weekly Mailing List
*Subject:* Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler

Asking permission would go without saying, we would have to request
permission to archive / central repository for these tools.

As for the Germany thing, ya I just heard about that.  Fairly power law and
recourse for such action!

I also agree a Wiki type setup would be needed, thats why I was thinking a
media style Wiki like plone or other solution:

http://plone.org/



2008/12/18 Nils <nils at hemmann.de>

 hm, I'm not sure If we shoulder too much with this.
You need to talk to each and everyone to get permission to host their
software.

....but anyway I'm happy to give a helping hand. We'd need a Wiki page for
each tool, too and I could provide some input for quite some tools.
I'm from Germany and hosting such a thingy over here is against the law
(Anti Hacker blablabla...)  but helping you overseas isn't   ;-)

Nils

 ------------------------------
*From:* pauldotcom-bounces at mail.pauldotcom.com [mailto:
pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of *Rob Fuller
*Sent:* Thursday, December 18, 2008 4:06 PM

*To:* PaulDotCom Security Weekly Mailing List
*Subject:* Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler

  Just purchased SecToolsList.com if ya'll are interested in going under
that name.

2008/12/18 Arch Angel <arch3angel at gmail.com>

I was thinking we come up with a whole new domain we can build off of,
something reflective of the culture and the community.

Any suggestions?

2008/12/18 Matt Hillman <cybereagle at gmail.com>

well i dunno if its relevant enough but i'm happy to provide a creatively

thought up subdomain of hackerslegion.com

2008/12/18 Arch Angel <arch3angel at gmail.com>

If anyone has the time to help me begin this project of creating a

central point and website for all these goodies let me know.  I can provide
space, bandwidth, and if we come up with a domain name that we all like I'll
throw in the cost of the domain name.  Once we have the domain name I can
have the access setup in a matter of minutes.

P.s. We cant use "larryisgod.org" its not fair to the other monkeys in
the zoo :-)

2008/12/17 Nathan Sweaney <NSweaney at tulsacash.com>

  if I remember correctly, the Gonzor payload was basically just a
well-written batch file that called several utilities from
http://www.nirsoft.net/.

so if you've already got a usable exploit just use the meterpreter &
copy the utilities over that you want to use.

in fact you could probably create meterpreter scripts that would do
each of the things you want more efficiently.

 ------------------------------
*From:* pauldotcom-bounces at mail.pauldotcom.com [mailto:
pauldotcom-bounces at mail.pauldotcom.com] *On Behalf Of *Noah
*Sent:* Wednesday, December 17, 2008 5:35 PM
*To:* 'PaulDotCom Security Weekly Mailing List'
*Subject:* Re: [Pauldotcom] Fwd: Gonzor / Themiddler / PEScrambler

  Hi,



While we're still talking about the Gonzor payload, has anyone had any
luck with ? or seen something similar to Gonzor for metasploit? The saved
password dumping that the Gonzor payload does would be exceptionally handy
in a pentest as a metasploit payload.



- Noah

_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com



_______________________________________________
Pauldotcom mailing list
Pauldotcom at mail.pauldotcom.com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.pauldotcom.com/pipermail/pauldotcom/attachments/20081218/2a94a3d9/attachment.htm

Current thread:

Fwd: Gonzor / Themiddler / PEScrambler, (continued)
- - - Fwd: Gonzor / Themiddler / PEScrambler infolookup at gmail.com (Dec 17)
    - Fwd: Gonzor / Themiddler / PEScrambler Nathan Sweaney (Dec 17)
    - Fwd: Gonzor / Themiddler / PEScrambler Arch Angel (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Matt Hillman (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Arch Angel (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Rob Fuller (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Nils (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Rob Fuller (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Arch Angel (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Nathan Sweaney (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Tim Mugherini (Dec 18)
    - Fwd: Gonzor / Themiddler / PEScrambler Arch Angel (Dec 19)
    - Fwd: Gonzor / Themiddler / PEScrambler pillb0x (Dec 19)